This article can also be found in the Premium Editorial Download "Information Security magazine: Does security make the grade in Windows Server 2008?."
Download it now to read this article plus other related content.
Avoiding Security Hang-Ups|
Do you think someone might be listening in on your cell phone calls--or those of your company's employees? It doesn't even occur to most of us, but it's an ongoing problem for many organizations concerned with industrial espionage and state-sponsored spying.
Restricting what your folks can talk about isn't really an enforceable policy and would pretty much neuter cell phones as a business tool. If cell phone security is critical to your organization, your realistic options are purpose-built "spook phones" or software-based encryption.
Or KoolSpan's TrustChip.
KoolSpan has incorporated its authentication/encryption technology into a tiny Secure Digital (SD) card, which can be plugged in to any SD-compatible cell phone for about $300 per unit.
"This has mainstream business appeal," says Nick Selby, senior analyst and director, enterprise security practice, for The 451 Group. "For some markets--defense contractors, manufacturing, pharmaceuticals--it's a no-brainer."
"Another piece of the market is critical infrastructure," says Tony Fascenda, KoolSpan founder and CEO. "It can be used for monitoring or control systems where there is a requirement for an extremely simple security environment without central key management."
KoolSpan's SecureEdge utilizes 256-bit AES in a Key token to securely connect
| with a Lock appliance for remote access, branch offices, LAN-to-LAN connections, wireless and VoIP.
The TrustChip miniaturizes this technology into a standard format--a fingertip-sized SD card featuring a 32-bit processor, 128 MB of Flash memory and 128 KB SRM, and low-voltage regulator, sufficient to handle encrypted voice and other applications without degrading performance.
Enterprises can administer phones and users through the KoolSpan Manager, which integrates with Active Directory or any LDAP to manage policy for groups and individuals. The policy data is stored on the chip, so you can set up unique groups for security--even on the fly. The technology scales nicely, because the chips handle all the security, communicating back to the management appliance only for periodic updates at user-defined intervals.
This was first published in February 2008